There are two forms of communication that exist between Cisco Unified MeetingPlace Video Integration and the Video Administration for Cisco Unified MeetingPlace. One uses SOAP over HTTP(s) and one uses a proprietary XML protocol over a persistent TCP socket. We recommend that you secure the communication between these two servers to guard against security attacks.

A set of server and client certificates are installed with Video Integration by default. These certificates are signed by using a Certificate Authority key that is generated by using OpenSSL. After installing Video Integration, SSL is turned off by default.

Configuring a Basic Level of Security by Using OpenSSL

To encrypt the communication between the Video Administration server and the Web Conferencing servers that have Video Integration installed, you can use the OpenSSL configuration files that are installed by default.

Check the Encrypt Video Administration Communication checkbox. Answer Yes to the question about changing the port to 8443. (This changes the Video Administration Port setting on the Video tab. You can also do it manually.)

Once security is configured on the Video Administration server and on all of the Web Conferencing servers that have Video Integration installed, any future changes to the security levels must be made on all servers, including the Video Administration server. In addition, services must be restarted whenever changes to security settings are made.